This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft File: 5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json) Hash identifier: +3eFyJMBja7PzSDWICbUsrzDx63uEX5J2fW3RWWrYo8= Subject key identifier: 08:50:03:05:15:73:96:08:00:FF:61:11:B7:E3:D3:D0:42:B1:E6:D5 Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA Certificate issuer: /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa Certificate serial: 019B6CC603FDB91DAE684B8A7C62F876EAF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft Manifest number: 0ABE Signing time: Tue 30 Dec 2025 01:01:14 +0000 Manifest this update: Tue 30 Dec 2025 01:01:14 +0000 Manifest next update: Wed 31 Dec 2025 01:01:14 +0000 Files and hashes: 1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: hCaGbXbiL/vMmFCxB6ndCWEnY6Sz5wYfp1E1W0IkaDQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c6:03:fd:b9:1d:ae:68:4b:8a:7c:62:f8:76:ea:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa Validity Not Before: Dec 30 01:01:14 2025 GMT Not After : Dec 31 01:01:14 2025 GMT Subject: CN=085003051573960800ff6111b7e3d3d042b1e6d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d0:63:af:3b:37:8b:56:13:84:a8:b8:a5:6e: d6:49:a3:18:02:71:1c:30:57:fc:7b:d7:69:ad:5a: c8:ab:63:2f:de:11:d6:18:95:c4:d7:94:e0:44:3b: 21:f5:7a:96:3a:eb:b5:e7:66:09:49:0b:e3:cb:44: ff:5c:bd:5f:a7:85:b5:80:bd:fa:f2:4d:d1:18:43: ac:36:98:5e:27:34:fa:91:98:81:00:32:20:c5:cc: 2c:55:bd:41:24:e5:8b:57:20:39:47:75:df:3b:4c: a6:17:b5:05:35:08:ed:8c:3a:00:ff:65:38:56:e1: bb:bd:48:a6:35:38:fe:70:0f:57:89:51:e2:4c:43: 9a:0b:c8:04:93:fd:fc:3c:1e:05:26:43:26:4b:9a: f9:ec:3e:1e:c7:44:5a:92:7e:82:e2:f5:76:9f:40: 89:5b:79:02:85:fa:9e:98:55:bf:8e:7c:de:88:3b: 67:6d:44:80:ae:5d:bc:85:c6:c2:0c:17:4d:1d:b3: e8:39:b5:9b:e6:58:3b:e1:93:4e:38:01:b3:9a:b7: 12:9d:b4:f7:d6:82:e5:9c:df:99:d9:9c:e2:6e:a6: a4:5f:81:5e:4d:a3:ff:1c:f1:db:0a:ba:43:c1:40: a8:8d:90:11:97:c2:22:9b:25:a0:cf:0c:7f:6f:55: 14:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:50:03:05:15:73:96:08:00:FF:61:11:B7:E3:D3:D0:42:B1:E6:D5 X509v3 Authority Key Identifier: keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:69:6d:04:7f:aa:87:cb:5f:5a:36:ee:e4:cf:d4:d5:7c:00: cc:13:72:f3:49:92:82:27:6f:cb:64:ef:1a:5a:10:6b:a8:d7: f0:69:bb:81:44:31:49:fc:25:40:98:ba:a0:92:df:15:c2:bd: 24:53:07:87:51:d7:d4:5c:6b:f6:bf:7b:55:fb:4c:ef:50:cc: ce:08:b5:03:1b:09:e4:37:0f:d5:ca:b4:75:03:4d:7f:1f:4f: f2:71:f5:94:ac:fe:4f:d3:06:2c:9b:d7:43:0d:77:c0:0d:e1: d2:25:9c:16:40:2d:78:d2:29:e3:0c:c2:46:c9:61:01:03:7e: 6a:1b:a6:93:7f:b5:cd:fa:b7:0d:7a:32:14:a8:10:07:3e:b9: f2:17:69:9d:e2:59:db:1d:f4:03:ee:bc:df:d4:11:6e:82:c9: fa:8f:ae:6a:71:47:57:20:3f:89:e1:fd:b5:65:35:1e:4d:8d: 8c:1a:ae:cc:fa:89:b2:fa:f4:22:3b:e4:93:df:a9:66:b3:db: ff:f6:7e:b4:37:e8:f8:0b:1d:e2:16:08:1f:63:21:76:4b:d7: ca:b1:27:d3:37:b4:3a:bd:a8:1b:a6:da:fd:d8:ea:00:de:82: c8:d6:91:a0:0c:b3:b8:69:05:ac:72:ba:6d:25:e9:37:29:23: d4:20:c0:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxgP9uR2uaEuKfGL4duryMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5 NDM5ZmEwHhcNMjUxMjMwMDEwMTE0WhcNMjUxMjMxMDEwMTE0WjAzMTEwLwYDVQQD EygwODUwMDMwNTE1NzM5NjA4MDBmZjYxMTFiN2UzZDNkMDQyYjFlNmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9Bjrzs3i1YThKi4pW7WSaMYAnEc MFf8e9dprVrIq2Mv3hHWGJXE15TgRDsh9XqWOuu152YJSQvjy0T/XL1fp4W1gL36 8k3RGEOsNpheJzT6kZiBADIgxcwsVb1BJOWLVyA5R3XfO0ymF7UFNQjtjDoA/2U4 VuG7vUimNTj+cA9XiVHiTEOaC8gEk/38PB4FJkMmS5r57D4ex0Rakn6C4vV2n0CJ W3kChfqemFW/jnzeiDtnbUSArl28hcbCDBdNHbPoObWb5lg74ZNOOAGzmrcSnbT3 1oLlnN+Z2ZzibqakX4FeTaP/HPHbCrpDwUCojZARl8IimyWgzwx/b1UUNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAhQAwUVc5YIAP9hEbfj09BCsebVMB8GA1UdIwQY MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2 LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAamltBH+q h8tfWjbu5M/U1XwAzBNy80mSgidvy2TvGloQa6jX8Gm7gUQxSfwlQJi6oJLfFcK9 JFMHh1HX1Fxr9r97VftM71DMzgi1AxsJ5DcP1cq0dQNNfx9P8nH1lKz+T9MGLJvX Qw13wA3h0iWcFkAteNIp4wzCRslhAQN+ahumk3+1zfq3DXoyFKgQBz658hdpneJZ 2x30A+6839QRboLJ+o+uanFHVyA/ieH9tWU1Hk2NjBquzPqJsvr0Ijvkk9+pZrPb //Z+tDfo+Asd4hYIH2MhdkvXyrEn0ze0Or2oG6ba/djqAN6CyNaRoAyzuGkFrHK6 bSXpNykj1CDAMw== -----END CERTIFICATE-----Generated at Tue Dec 30 10:33:14 2025 by rpki-client